| Message ID | 20210507073005.26972-1-Quirin.Gylstorff@siemens.com (mailing list archive) |
|---|---|
| State | Handled Elsewhere |
| Headers | show |
| Series | [isar-cip-core] kas/opt: Restructure ebg-swu.yml and qemu-swupdate.yml | expand |
On 07.05.21 09:30, Quirin Gylstorff wrote: > From: Quirin Gylstorff <quirin.gylstorff@siemens.com> > > The kas files ebg-swu.yml and qemu-swupdate.yml overlap in > some cases. Clarify their use by moving all efibootguard related > configuration to efibootguard.yml. Configuration items corresponding > with SWUpdate are moved to swupdate.yml. The option swupdate.yml is > independent of the bootloader/cpu-architecture. > > Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com> > --- > doc/README.secureboot.md | 5 ++--- > kas/opt/ebg-secure-boot-base.yml | 2 ++ > kas/opt/{ebg-swu.yml => efibootguard.yml} | 12 ++++++------ > kas/opt/{qemu-swupdate.yml => swupdate.yml} | 10 +++++++--- > 4 files changed, 17 insertions(+), 12 deletions(-) > rename kas/opt/{ebg-swu.yml => efibootguard.yml} (66%) > rename kas/opt/{qemu-swupdate.yml => swupdate.yml} (52%) > > diff --git a/doc/README.secureboot.md b/doc/README.secureboot.md > index 0996edc..b5056f2 100644 > --- a/doc/README.secureboot.md > +++ b/doc/README.secureboot.md > @@ -142,7 +142,7 @@ Build the image with a signed efibootguard and unified kernel image > with the snakeoil keys by executing: > > ``` > -kas-container build kas-cip.yml:kas/board/qemu-amd64.yml:kas/opt/ebg-swu.yml:kas/opt/ebg-secure-boot-snakeoil.yml > +kas-container build kas-cip.yml:kas/board/qemu-amd64.yml:kas/opt/ebg-secure-boot-snakeoil.yml > ``` > > For user-generated keys, create a new option file in the repository. This option file could look like this: > @@ -150,7 +150,6 @@ For user-generated keys, create a new option file in the repository. This option > header: > version: 10 > includes: > - - kas/opt/ebg-swu.yml > - kas/opt/ebg-secure-boot-base.yml > > local_conf_header: > @@ -169,7 +168,7 @@ need to stored in the folder `recipes-devtools/ebg-secure-boot-secrets/files`. > Build the image with user-generated keys by executing the command: > > ``` > -kas-container build kas-cip.yml:kas/board/qemu-amd64.yml:kas/opt/ebg-swu.yml:<path to the new option>.yml > +kas-container build kas-cip.yml:kas/board/qemu-amd64.yml:<path to the new option>.yml > ``` > > ### Start the image > diff --git a/kas/opt/ebg-secure-boot-base.yml b/kas/opt/ebg-secure-boot-base.yml > index 30ca35a..35fb42e 100644 > --- a/kas/opt/ebg-secure-boot-base.yml > +++ b/kas/opt/ebg-secure-boot-base.yml > @@ -11,6 +11,8 @@ > > header: > version: 10 > + includes: > + - efibootguard.yml > > local_conf_header: > initramfs: | > diff --git a/kas/opt/ebg-swu.yml b/kas/opt/efibootguard.yml > similarity index 66% > rename from kas/opt/ebg-swu.yml > rename to kas/opt/efibootguard.yml > index 63dda09..544c740 100644 > --- a/kas/opt/ebg-swu.yml > +++ b/kas/opt/efibootguard.yml > @@ -8,19 +8,19 @@ > # > # SPDX-License-Identifier: MIT > # > +# This kas file adds efibootguard as the bootloader to the image > > header: > version: 10 > > local_conf_header: > - swupdate: | > - IMAGE_INSTALL_append = " swupdate efibootguard" > + efibootguard: | > + IMAGE_INSTALL_append = " efibootguard" > + > + efibootguard-swupdate: | > SWUPDATE_BOOTLOADER = "efibootguard" > > - efibootguard: | > + efibootguard-wic: | > WDOG_TIMEOUT = "0" > WICVARS += "WDOG_TIMEOUT" > > - wic: | > - IMAGE_TYPE = "wic-swu-img" > - WKS_FILE ?= "${MACHINE}-${SWUPDATE_BOOTLOADER}.wks" > diff --git a/kas/opt/qemu-swupdate.yml b/kas/opt/swupdate.yml > similarity index 52% > rename from kas/opt/qemu-swupdate.yml > rename to kas/opt/swupdate.yml > index daebd2c..e622972 100644 > --- a/kas/opt/qemu-swupdate.yml > +++ b/kas/opt/swupdate.yml > @@ -8,12 +8,16 @@ > # > # SPDX-License-Identifier: MIT > # > - > +# This kas file adds swupdate and generates a ${IMAGE_NAME}.swu > +# from the first wic partition > > header: > version: 10 > > local_conf_header: > - qemu-wic: | > + swupdate: | > + IMAGE_INSTALL_append = " swupdate" > + > + wic-swu: | > IMAGE_TYPE ?= "wic-swu-img" > - WKS_FILE = "qemu-amd64-${SWUPDATE_BOOTLOADER}.wks" > + WKS_FILE = "${MACHINE}-${SWUPDATE_BOOTLOADER}.wks" > > Thanks, applied to next. Jan
diff --git a/doc/README.secureboot.md b/doc/README.secureboot.md index 0996edc..b5056f2 100644 --- a/doc/README.secureboot.md +++ b/doc/README.secureboot.md @@ -142,7 +142,7 @@ Build the image with a signed efibootguard and unified kernel image with the snakeoil keys by executing: ``` -kas-container build kas-cip.yml:kas/board/qemu-amd64.yml:kas/opt/ebg-swu.yml:kas/opt/ebg-secure-boot-snakeoil.yml +kas-container build kas-cip.yml:kas/board/qemu-amd64.yml:kas/opt/ebg-secure-boot-snakeoil.yml ``` For user-generated keys, create a new option file in the repository. This option file could look like this: @@ -150,7 +150,6 @@ For user-generated keys, create a new option file in the repository. This option header: version: 10 includes: - - kas/opt/ebg-swu.yml - kas/opt/ebg-secure-boot-base.yml local_conf_header: @@ -169,7 +168,7 @@ need to stored in the folder `recipes-devtools/ebg-secure-boot-secrets/files`. Build the image with user-generated keys by executing the command: ``` -kas-container build kas-cip.yml:kas/board/qemu-amd64.yml:kas/opt/ebg-swu.yml:<path to the new option>.yml +kas-container build kas-cip.yml:kas/board/qemu-amd64.yml:<path to the new option>.yml ``` ### Start the image diff --git a/kas/opt/ebg-secure-boot-base.yml b/kas/opt/ebg-secure-boot-base.yml index 30ca35a..35fb42e 100644 --- a/kas/opt/ebg-secure-boot-base.yml +++ b/kas/opt/ebg-secure-boot-base.yml @@ -11,6 +11,8 @@ header: version: 10 + includes: + - efibootguard.yml local_conf_header: initramfs: | diff --git a/kas/opt/ebg-swu.yml b/kas/opt/efibootguard.yml similarity index 66% rename from kas/opt/ebg-swu.yml rename to kas/opt/efibootguard.yml index 63dda09..544c740 100644 --- a/kas/opt/ebg-swu.yml +++ b/kas/opt/efibootguard.yml @@ -8,19 +8,19 @@ # # SPDX-License-Identifier: MIT # +# This kas file adds efibootguard as the bootloader to the image header: version: 10 local_conf_header: - swupdate: | - IMAGE_INSTALL_append = " swupdate efibootguard" + efibootguard: | + IMAGE_INSTALL_append = " efibootguard" + + efibootguard-swupdate: | SWUPDATE_BOOTLOADER = "efibootguard" - efibootguard: | + efibootguard-wic: | WDOG_TIMEOUT = "0" WICVARS += "WDOG_TIMEOUT" - wic: | - IMAGE_TYPE = "wic-swu-img" - WKS_FILE ?= "${MACHINE}-${SWUPDATE_BOOTLOADER}.wks" diff --git a/kas/opt/qemu-swupdate.yml b/kas/opt/swupdate.yml similarity index 52% rename from kas/opt/qemu-swupdate.yml rename to kas/opt/swupdate.yml index daebd2c..e622972 100644 --- a/kas/opt/qemu-swupdate.yml +++ b/kas/opt/swupdate.yml @@ -8,12 +8,16 @@ # # SPDX-License-Identifier: MIT # - +# This kas file adds swupdate and generates a ${IMAGE_NAME}.swu +# from the first wic partition header: version: 10 local_conf_header: - qemu-wic: | + swupdate: | + IMAGE_INSTALL_append = " swupdate" + + wic-swu: | IMAGE_TYPE ?= "wic-swu-img" - WKS_FILE = "qemu-amd64-${SWUPDATE_BOOTLOADER}.wks" + WKS_FILE = "${MACHINE}-${SWUPDATE_BOOTLOADER}.wks"